Security

Summmit

Welcome to the Security Summit 2024! The first day of the Summit will be held at the Stoos Lodge Hotel, followed by the second day at the Wellnesshotel Stoos. The two venues are conveniently located within an 8-minute walk of each other.

Security

Summit

Welcome to the Security Summit 2024! The first day of the Summit will be held at the Stoos Lodge Hotel, followed by the second day at the Wellnesshotel Stoos. The two venues are conveniently located within an 8-minute walk of each other.

Day 1
Location: Stoos Lodge Hotel

Keynote: The Vision of baseVISION Security Summit

Speaker: Thomas Kurth (CEO and Senior Expert Security Consultant, baseVISION AG)

8:45 - 9:15

Inside Microsoft: Securing Our Enterprise

Speaker: John Dellinger (Chief Security Advisor, Microsoft CDOC)

This presentation provides a comprehensive overview of Microsoft's robust security infrastructure. It highlights the collaborative efforts of Microsoft's internal security teams in protecting, detecting, and responding to threats. The presentation underscores Microsoft's commitment to a security-first approach as part of the Secure Futures Initiative. It delves into the application of security hygiene, data loss prevention, and Zero Trust across the enterprise, along with the management of identities and privileged access.

The presentation also explores the use of threat intelligence, red teaming, and hunting to fortify the environment. A key focus is the Cyber Defence Operations Center, organized as a fusion concept to monitor the environment and respond to attacks. The presentation concludes with a discussion on the use of machine learning and artificial intelligence at scale to automate tasks and the company-wide mobilization in response to major incidents.

9:15 - 10:15

Break

10:15 - 10:30

The best out of baseVISION Informed

Speaker: Alex Verboon (CTO and Senior Expert Security Consultant, baseVISION AG)

Today, many companies, including Microsoft, have shifted their development cycle process for releasing new products from years to months. For many companies one of the biggest challenges is to stay informed about what’s coming up next, when new features will be introduced and when they become depreciated. In some cases, the unawareness can negatively impact their business or available features customers already pay for remain unused.

baseVISION’s security informed service improves your security posture by providing relevant and current information about updates, new features, and new security threats.

In this session, we discuss the importance of staying current and how baseVISION assists its customers in achieving this. We'll provide an overview of the baseVISION Informed Service and offer a sneak peek at the service, showcasing some of the latest updates to the Microsoft security solution suite.

10:30 - 11:30

Why proactive threat hunting is key in a defense strategy

Speaker: Christoph Düggeli (Senior Security Analyst, baseVISION SOC)

In the ever-evolving landscape of cybersecurity, proactive threat hunting has emerged as a critical component of a robust defense strategy. Unlike traditional security measures that focus on reactive approaches, threat hunting delves into the network to identify and mitigate threats before they manifest into full-blown attacks. This presentation "Why Proactive Threat Hunting is Key in a Defense Strategy," underscores the significance of threat hunting, outlines its key aspects, and shows our approach to conduct “Advanced Threat Hunting”.

11:35 - 12:35

Implementing Zero Trust at Microsoft

Speaker: Miles Chris Merwin (Senior Program Manager within Digital Security & Resilience, Microsoft Global)

This session serves as a case study, showcasing our strategic approach to implementing Zero Trust principles at Microsoft. During this roughly 60-minute presentation, hear from the team directly responsible for protecting Microsoft as we talk through insights, methodologies, and programmatic structure that can aid other organizations as they embark on their own journey to implement a Zero Trust framework.

14:00 - 15:00

Forensic Readiness: Evolution, Key Issues, and Practical Insights

Speaker: Darja-Anna Yurovsky (Security Universities & Registry, SWITCH)

How has digital forensic readiness evolved in practice in response to increasingly complex environments? What are the key challenges and questionable methods faced today, and how can we balance the need to resume business operations quickly while ensuring that we do not create a law-free realm?

15:05 - 16:05

Break

16:05 - 16:25

Panel Discussion and Closing Day 1

Join us for an engaging panel discussion and closing session on Day 1, where we will explore diverse perspectives from key stakeholders including customers, cloud providers, and the BACS/NCSC. This session will delve into how these different entities collaborate, addressing their unique challenges and synergies. Attendees will also have the opportunity to ask questions and engage in an open dialogue with the panelists.

16:25 -17:15

Check-In Rooms

17:15 - 18:00

Meeting at reception Stoos Lodge Hotel

We will walk together to the chairlift. Our extra ride, which takes us to Fronalpstock, departs at 18:15. So be on time!

18:00
Day 2
Location: Wellnesshotel Stoos

Day in the Life of a Microsoft SOC Analyst

Speak: Solaire Brown (Senior Security Operations Engineering Manager, Microsoft CDOC)

This session provides an in-depth look into the daily operations of a Microsoft Security Operations Center (SOC) Analyst. It covers the organizational structure of the SOC and provides insights into the roles and responsibilities of the team members. The presentation also delves into the qualifications, certifications, and skills Microsoft seeks when building its SOC team. A significant portion of the presentation is dedicated to the workflows of a SOC analyst, including the volume of alerts they handle and how they manage them. Lastly, the presentation explores the various tools utilized by SOC analysts in their day-to-day operations, providing a comprehensive overview of the life of a Microsoft SOC Analyst.

8:30 - 9:30

Intelligence Led Security Operations

Speaker: Kurt Tonti (Threat Intelligence Director, Microsoft Global)

Whether they recognize it or not, all cyber security teams and organizations are using threat intelligence to drive their operations and make decisions. Security alerts from their endpoints, new vulnerabilities reported in the wild, and supplier breach notifications are all examples of information that must be processed every day to understand the risk and prioritize actions that must be taken. While cyber security will always include reactive actions against threats, there are also things we can do with intelligence to be proactive and identify operational risks before they are actualized. This session will provide specific examples and methods Microsoft uses to provide intelligence that helps lead efforts across the protect, detect and response security functions and communicate strategic risks to executives and leaders who need to make investment and prioritization decisions.

9:35 - 10:35

Break

10:35- 11:00

Cybersecurity in Switzerland: Threats, current incidents and reporting obligation

Speakers: Klaus Gribi (Lead Team Analyse, BACS) und Pirmin Heinzer (Security Analyst, BACS) 

In this session, the NCSC will provide an overview of the current cyber threat landscape in Switzerland, where the NCSC will also share some lessons learned of recent incidents response activities.
Looking forward, the NCSC provides a first preview of the upcoming reporting obligation for critical infrastructure operators.

11:00 - 12:00

Why baseVISION Invests into Threat Intel?

Speaker: Flamur Ramiqi (Senior Threat Intelligence Analyst and Detection Engineer, baseVISION AG)

This session can help you to understand why Threat Intel could also be crucial for your company and provide advantages against attackers.

14:00 - 15:00

How customers can benefit from Microsoft Security

Speaker: Daniel von Büren (Swiss Security Officer, Microsoft Schweiz)

This session shares insights about the Secure Future Initiative (SFI) of Microsoft to advance cybersecurity protection across our company and products and what is the concrete benefit for customers. You will learn about how Microsoft informs customers about urgent incidents - either if a customer is directly impacted or as for information.
To complete the session we give you an overview about which Microsoft teams exists, and how you can include them if you are under an attack.

15:05 - 16:05

Closing

Speaker: Thomas Kurth (CEO and Senior Expert Security Consultant, baseVISION AG)

16:05 -16:25